How to create a secure automated transfer of binary files between windows servers through a firewall, using powershell?

This is my first question on SO, and I am have tried to avoid it, but am forced to ask. I can't use FTP, as that's insecure. I can't use FTPS, as I can't introduce expiring cert overhead. WEBDAV over https isn't an option.

What would be ideal would be a firewall friendly robocopy, as that uses windows auth.

I am looking at powershell with BITS, but can't find what port it's using or it's requirements on Windows 2012 exclusively. Older systems have stated requirements that they need IIS, but I can't find that stated on Microsoft's sites anywhere: https://www.google.com/search?hl=en&q=site%3Amicrosoft.com%20windows%202012%20bits

I looked on here and found 56 articles related to BITS. Example: How to use BITS in Powershell to upload / download files? I tried performing the file transfer with powershell without caring about the port, but the automation of this is problematic, as I keep getting an error: The operation being requested was not performed because the user has not logged on to the network. The specified service does not exist. (Exception from HRESULT: 0x800704DD)

And ultimately, the port matters because I have to go through a firewall.

I don't want to make an assumption that the requirements from earlier versions of BITS still apply, because Murhphy's Law says I will be burned by it.

Does anyone has a possible solution to this problem? One that doesn't involve the purchase or use of non-native tools. On Linux, I would solve this with SSH, exchange some keys, and it just works. Is there anything in the windows platform that does something similar and is native to the OS?

Here's one way: http://www.nivot.org/post/2009/11/02/PowerShell20IntroducingThePModemFileTransferProtocol

It works over a WSMAN/PSRemoting session, so you can specify the port, use HTTPS.